CVE-2023-47188

Medium

Published: 02 January 2025

Published

02 January 2025

Modified

29 April 2026

KEV Added

—

Patch

—

CVSS Score 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Score 0.0034 56.9th percentile

Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Description

Missing Authorization vulnerability in PressTigers Simple Job Board simple-job-board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Job Board: from n/a through <= 2.10.5.

Security Summary

CVE-2023-47188 is a missing authorization vulnerability (CWE-862) in the PressTigers Simple Job Board WordPress plugin (simple-job-board). It allows exploitation of incorrectly configured access control security levels and affects all versions from n/a through 2.10.5. The CVSS v3.1 base score is 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N), indicating medium severity with network accessibility, low attack complexity, no privileges or user interaction required, unchanged scope, no confidentiality or availability impact, and low integrity impact.

An unauthenticated attacker can exploit this vulnerability over the network with low complexity and no user interaction. Exploitation enables the attacker to bypass authorization checks due to incorrectly configured access control, potentially leading to unauthorized modifications consistent with the low integrity impact.

The Patchstack advisory (https://patchstack.com/database/Wordpress/Plugin/simple-job-board/vulnerability/wordpress-simple-job-board-plugin-2-10-5-broken-access-control-vulnerability?_s_id=cve) documents this broken access control vulnerability in Simple Job Board version 2.10.5.

Details

CWE(s): CWE-862

Affected Products

presstigers

simple job board

≤ 2.10.6

References

https://patchstack.com/database/Wordpress/Plugin/simple-job-board/vulnerability/wordpress-simple-job-board-plugin-2-10-5-broken-access-control-vulnerability?_s_id=cve
Third Party Advisory · audit@patchstack.com